Artificial Intelligence
Information and resources related to artificial intelligence in healthcare.
Cybersecurity
HIPAA requires that covered entities and its business associates conduct a risk assessment of their healthcare organization. A risk assessment helps reveal areas where your organization's protected health information (PHI) could be at risk.
Direct Messaging
Instructions for updating NPPES with your digital address (direct address, digital end point) in compliance with the Office of the National Coordinator (ONC) requirement to provide this information under the Cures Act Final Rule. Verify if your digital address has been updated in NPPES in this CMS report.
Electronic Prescribing of Controlled Substances
Texas law e-prescribing of controlled substances (EPCS) mandate went into effect on Jan. 1, 2021. EPCS software products and pricing, rule regulations and waiver exemption information will be updated as details of the requirement are developed.
EHR Best Practices
Includes information on scribes, copy/paste best practices, as well as tips from physicians on how they were able to improve the use of their Electronic Health Record (EHR) systems.
EHR Changes and Transitions
What physicians and practices should know about switching and transitioning to a new EHR system including cost comparisons, data migration plans and post-implementation guides.
EHR Vendor Comparison Tools
Access assessments of EHR products that have a solid Texas market base. These assessments include most used vendors in Texas, side-by-side summary comparisons, vendor pricing comparisons, and EHR vendor profiles.
Health Information Exchange (HIE)
A Health Information Exchange allows healthcare providers to access and share patient medical record data securely and electronically. Most EHRs are unable to communicate with each other therefore having an HIE helps practices receive important information on their patients that would otherwise not be easily available. Greater Houston Healthconnect is this regions HIE and serves 60+ counties in South East Texas.
Information Blocking
ONC Health IT has released requirements for physicians in order to prevent “information blocking”, which refers to the restriction of sharing and accessing secure electronic health information. Read this page for more information about deadlines and how to comply with these requirements.
Remote Patient Monitoring
Remote Patient Monitoring (RPM) is increasingly being adopted as a telehealth service that allows physicians to monitor and treat patient symptoms outside of a traditional health care environment by using connected medical devices. This service has provided physicians the ability to expand their range of care, see cost reductions and improvements in patient outcomes.
Telemedicine-Telehealth
Telemedicine involves the diagnosis and treatment of patients through telecommunications technology. It is a subset of telehealth, which includes other types of technology-enabled care, such as promoting health and wellness, remote patient monitoring, provider-to-provider remote communication, and mobile health.
Translation platforms
The use of Google Translate and other such platforms are not appropriate for patient consultations mainly due to HIPAA compliance deficiencies. Also, these platforms are known to have inaccurate translations that could result in patient harm, exposing the practice to legal and financial implications, reputational damage, and other concerns. Inaccurate translations have been demonstrated by the authors of a study, Use of Google Translate in medical communication: evaluation of accuracy, where they found Google Translate has only 57.7% accuracy when used for medical phrase translations. The use of Google Translate and other such platforms likely violate the language access provisions in the Section 1557 of the Affordable Care Act as they don’t meet the definition of a "qualified interpreter" or "qualified translator" that may be required for meaningful access.
HIPAA compliance:
Google Translate is not HIPAA compliant and for this reason, is not appropriate for use at a patient visit. HIPAA requires:
• Encryption of PHI during transfer and storage.
• Business Associate Agreements (BAAs) with service providers.
• Audit controls and activity logs.
• Training and policies to prevent unauthorized disclosure.
Clinical and legal issues:
• Clinical Risk: Inaccurate translations can lead to misdiagnoses, medication errors and poor adherence.
• Financial Risk: HIPAA violations can carry penalties up to $1.5 million per year, per violation category.
• Legal Risk: Hospitals are exposed to malpractice claims if patients suffer harm from miscommunication.
• Reputational Risk: Public trust is eroded if non-compliant practices are exposed.